Diffstat (limited to 'src/exhaustive/brainpool_rfc.c')
-rw-r--r--src/exhaustive/brainpool_rfc.c28
1 files changed, 17 insertions, 11 deletions
diff --git a/src/exhaustive/brainpool_rfc.c b/src/exhaustive/brainpool_rfc.c
index 1a9fea9..921dff3 100644
--- a/src/exhaustive/brainpool_rfc.c
+++ b/src/exhaustive/brainpool_rfc.c
@@ -33,34 +33,46 @@ GENERATOR(brainpool_rfc_gen_equation) {
// field is definitely prime
pari_sp btop = avma;
seed_t *seed = curve->seed;
+ pari_printf("seed before %P#x\n", bits_to_i(seed->seed));
do {
if (seed->brainpool.update_seed) {
+ printf("updating seed\n");
brainpool_update_seed(seed->seed);
+ pari_printf("seed after %P#x\n", bits_to_i(seed->seed));
seed->brainpool.update_seed = false;
}
- GEN z;
bits_t *a_bits =
brainpool_hash(seed->seed, seed->brainpool.w, seed->brainpool.v);
GEN a = bits_to_i(a_bits);
+ pari_printf("trying a = '%P#x'\n", a);
bits_free(&a_bits);
GEN am = Fp_invsafe(a, curve->field);
if (am == NULL) {
brainpool_update_seed(seed->seed);
+ pari_printf("a, update seed(noinv) %P#x\n", bits_to_i(seed->seed));
avma = btop;
continue;
}
- z = Fp_sqrtn(Fp_muls(am, -1, curve->field), stoi(4), curve->field, NULL);
+ GEN z;
+ z = Fp_sqrtn(Fp_muls(am, -3, curve->field), stoi(4), curve->field,
+ NULL);
if (z == NULL) {
brainpool_update_seed(seed->seed);
+ pari_printf("a, update seed(sqrtn) %P#x\n", bits_to_i(seed->seed));
avma = btop;
continue;
}
seed->brainpool.seed_a = bits_copy(seed->seed);
- GEN b;
+ GEN b = NULL;
+ pari_sp bbtop = avma;
do {
+ if (b != NULL) {
+ avma = bbtop;
+ }
brainpool_update_seed(seed->seed);
+ pari_printf("b, update seed %P#x\n", bits_to_i(seed->seed));
bits_t *b_bits = brainpool_hash(seed->seed, seed->brainpool.w,
seed->brainpool.v);
b = bits_to_i(b_bits);
@@ -75,19 +87,13 @@ GENERATOR(brainpool_rfc_gen_equation) {
if (gequal0(gmulsg(-16, gadd(gmulsg(4, gpowgs(mod_a, 3)),
gmulsg(27, gsqr(mod_b)))))) {
brainpool_update_seed(seed->seed);
+ pari_printf("curve, update seed %P#x\n", bits_to_i(seed->seed));
bits_free(&seed->brainpool.seed_a);
bits_free(&seed->brainpool.seed_b);
avma = btop;
continue;
}
- brainpool_update_seed(seed->seed);
- seed->brainpool.seed_bp = bits_copy(seed->seed);
-
- bits_t *mult_bits =
- brainpool_hash(seed->seed, seed->brainpool.w, seed->brainpool.v);
- seed->brainpool.mult = bits_to_i(mult_bits);
-
curve->a = mod_a;
curve->b = mod_b;
gerepileall(btop, 2, &curve->a, &curve->b);
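Review bot: The deleted lines were the only place in this hunk that assigned `seed->brainpool.seed_bp` and `seed->brainpool.mult`; after the change the equation generator no longer touches either field, so whatever consumes them for base-point derivation now depends on some other generator having set them first. If that move lives in another file of this commit (the diffstat shown here is limited to this file, so it cannot be confirmed from the page), a one-line comment at the point of deletion, `// seed_bp and mult are now derived by the base-point generator`, would stop the next reader from re-adding the hash-and-copy here. The surrounding `do` loop and the enclosing function both extend outside this hunk.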
@@ -96,4 +102,4 @@ GENERATOR(brainpool_rfc_gen_equation) {
seed->brainpool.update_seed = true;
return 1;
-} \ No newline at end of file
+}